What's new in IBM Domino 9.0 Social Edition?

This topic describes the new features of the IBM® Domino® server and Domino Administrator client in release 9.0 Social Edition. It also describes new Domino Administrator functionality that supportsIBM Notes® installation and upgrade, Notes federated login, and Notes Social Edition OpenSocial component support for embedded experiences features.

Administration - new features

OpenSocial component supports embedded experiences features

The OpenSocial component provides social and web features to make third-party processes available directly in the client user's mail. The OpenSocial component supports:
  • iNotes® Widgets and LiveText
  • OpenSocial 2.0 Gadgets in the sidebar, pop-ups, and anywhere Notes and iNotes previously made widgets available
  • Embedded experiences in Notes and iNotes

Program document now supports server groups and pattern matching

For more information, see the related topics.

Fault Analyzer Task calculates dispositions by default

The Fault Analyzer task has been enhanced. Using a disposition value, fault reports are sorted in a new view to help explain the type of issues encountered and to allow administrators to focus on the reports important to them.

Database maintenance tool (dbmt) for user mail files

You can take advantage of a new tool for performing multiple daily/weekly administrative tasks on user's mail database files. The dbmt tool does all of the following:
  • runs copy-style compact operations
  • purges deletion stubs
  • expires soft deleted entries
  • updates views
  • reorganizes folders
  • merges full-text indexes
  • updates unread lists
  • ensures that critical views are created for failover

Replication-style compacting now available

In addition to in-place and copy-style compacting, new compact options allow you to create a replica in the background while compacting.

Quality of Service (QoS) feature helps keep Domino servers available

Quality of Service, or QoS, is designed to react to the general operation of a Domino server in order to keep that server up and functioning reliably at all times. If QoS detects that a server is not responding or hung, QoS probing can be configured to email an administrator about the problem and/or automatically terminate the server and restart it. QoS log information can also be useful for analysis by IBM Support.

Server - new features

IBM HTTP Server (IHS) can now run on the same computer as a Domino server and support Transport Layer Security (TLS)

Domino has the option of running the IBM HTTP Server on the same computer as a Domino HTTP server; the purpose of this enhancement is to support the Transport Layer Security (TLS) protocol.

Note: This IHS server module is supported only on Windows™.

A pass-through reverse proxy module named mod_domino is provided to forward HTTP requests to the Domino HTTP server. The pass-through reverse proxy module creates the context necessary to have the Domino HTTP server provide the HTTP request context expected by Domino Web applications, as if the Domino HTTP server were in direct contact with the browser client. Using the proxy module allows an IHS server to run in front of the Domino server.

Security - new features

Security Assertion Markup Language (SAML)

Federated identity is a means of achieving single sign-on, providing user convenience and helping to reduce administrative cost. Notes and Domino federated identity for user authentication uses the Security Assertion Markup Language (SAML) standard from OASIS.

SAML authentication allows a user to authenticate once with a designated identity provider (IdP), after which the user can access any server that is partnered with the IdP. Both Notes client and Web client users can make use of SAML-based authentication. Authentication depends upon signed XML identity assertions. The result for the user is transparent authentication and single-sign on with one-time authentication for multiple Domino web servers and applications, as well as any third-party applications that are also partnered with the IdP. The IdP determines the method of the one-time authentication; it might prompt the user for a password, or use a non-password authentication methods such as Integrated Windows authentication (SPNEGO/Kerberos) for users within an intranet. For Notes client users on Citrix, SAML authentication can facilitate a single-sign on solution, usually with the IdP configured for Integrated Windows authentication (IWA). SAML authentication at Notes client startup is referred to as federated login.

Secure Hash Algorithm (SHA-2)

The Secure Hash Algorithm (SHA-2) is available for use with some encryption features on all platforms supported by this release. SHA-2 is widely used and is approved by Federal Information Processing Standard (FIPS) 140-2, to assist in compliance with government mandate NIST 800-131. SHA-2 is currently available to use for X.509 certificate signature verification and S/MIME signed mail, and some areas of Notes/Domino where a password such as the Internet (HTTP) password was previously hashed.

Note: For more information on hashing, see the related center topic on electronic signatures.

Using a credential store to share credentials

In this release, the on-premises Domino server can use a credential store application (credstore.nsf). The credential store is a secure repository for document encryption keys and other tokens necessary for Notes and iNotes client users to grant access to applications that use the OAuth (open authorization) protocol. OAuth allows user credentials to be shared with compliant applications so that users avoid extra password prompts.

In combination with new Domino Social Edition Embedded Experiences Add-On configuration and deployment, a credential store allows Domino to support embedded-experience applications designed using the OpenSocial 2.0 standard and the Apache Shindig container.

Widgets - new features

The Widgets tab in the desktop policy settings document provides additional How To Apply settings

Widgets can be configured for specific releases of Notes and iNotes clients

In this release, the widget catalog administrator can use the Platform field in widget catalog documents to control which widgets in a category of widget are deployed to users. This feature is enabled by default on iNotes clients. For Notes clients you need to enable a preference to use this feature.

Widgets importing changes

The process for importing widgets is improved to support importing OpenSocial gadgets as widgets.

Policies - new features

New Notes® client preferences now assignable by policy

You can use the new option Mark new contacts as private by default in the Desktop policy settings document, Basics tab, Contacts section to assign this client preference. The preference is useful for client users who delegate access to their mail and contacts.

There are also NOTES.INI settings you can use on the Domino server in the Desktop policy settings document, Custom Settings > Notes.ini tab to apply other calendaring improvements in this release to users of a policy:
  • AUTO_SORT_DATE=11 or 12 - Enables the preference Automatically sort date columns (takes effect after reopening mail tab).

    A value of 11 displays the most recent message at the beginning of the view (the default) and 12 displays it at the end of the view.

  • TypeaheadShowServerFirst=1 - When users affected by the policy see a typeahead list, the server lists server results first, and then a Search Local Directory for name option.
    Tip: This NOTES.INI setting also works in Notes and Domino release 8.5.3.

Changes to policy settings for return receipts

There are changes and enhancements to return receipt behavior on both outgoing and incoming mail messages. For Notes client users, the administrator can configure the behavior through a combination of policy settings and NOTES.INI settings on the Domino server. The settings are configured entirely through NOTES.INI settings for iNotes client users.